Re: Why no IPv6-only day (Was: Protocol-41 is not the only tunneling protocol)
In message e230de23-ad00-4f3d-b384-ba52fa7b3...@delong.com, Owen DeLong writes: On Jun 6, 2011, at 4:49 PM, Mark Andrews wrote: =20 In message b53bef53-f327-44ed-8f23-a85042e99...@delong.com, Owen = DeLong write s: =20 On Jun 6, 2011, at 2:23 PM, Mark Andrews wrote: =20 =3D20 In message alpine.bsf.2.00.1106060732190.68...@goat.gigo.com, = Jason =3D Fesler wr ites: But anyway, just consider it: a portion of the major websites go IPv6-only for 24 hours. What happens is that well, 99% of the =3D populace can't reach them anymore, as the known ones are down, they start =3D= calling and thus overloading the helpdesks of their ISPs. =3D20 Won't happen this year or next. Too much money at stake for the = web=3D20=3D =20 sites. Only when IPv4 is single digits or less could this be = even=3D20 remotely considered. Even the 0.05% hit for a day was controverial = =3D at=3D20 $dayjob. =3D20 IPv4 will never reach those figures. IPv6 isn't preferenced enough = =3D for that to happen and IPv6-only sites have methods of reaching IPv4 = only sites (DS-Lite, NAT64/DNS64). =20 I think you'll be surprised over time. Given the tendency of the =3D internet to nearly double in size every 2 years or so, it only takes 7 cycles = =3D (about 15 years) for the existing network to become a single-digit = percentage of the future network. =20 Owen =20 And without there being a strong IPv6 bias in the clients they will continue to use IPv4/IPv6 on a 50/50 basis. I would be quite happy to be proven wrong and only time will tell. =20 Almost every client does have a strong IPv6 bias if they have what appears to be native connectivity. The bias degrades rapidly with other forms of host connectivity. My linux and Mac systems certainly seem to strongly prefer IPv6 from my home. YMMV. Things like happy-eyeballs diminish it even with perfect IPv6 connectivity. 100ms rtt doesn't cover the world and to make multi-homed servers (includes dual stack) work well clients will make additional connections. Owen -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: ipv6 day quiet period please
On Jun 7, 2011, at 2:13 AM, Scott Weeks wrote: Based on recent conversations, I hope everyone got their feelings expressed... :-) I would like to ask politely that we stop those conversations (and the other ones we all have fun with (or plonk)) and let the IPv6 day observations/discussions rule the floor when the world's day starts at the international dateline on June 8th. Seconded. Except that World IPv6 Day is 00:00 - 23:59 June 8 UTC, not int'l date line time. -- TTFN, patrick
Re: v6 proof of life
On 7 Jun 2011, at 04:47, Wes Hardaker wrote: On Mon, 06 Jun 2011 23:56:32 +, Paul Vixie vi...@isc.org said: PV it's been a while since i looked at the query stream still hitting PV importantly and happily, there's a great deal of IPv6 happening PV here. Which is reaffirming what many have said for a while: it'll be the server-to-server traffic that will first peak. It's just going to take the client-server relationships years to catch up. Every time I look at my maillogs I've found there is quite a bit of v6 happening. But the web logs show almost nothing. Other way around here... pushing 2% external web traffic by IPv6, but only about 0.2% of mail traffic, and that would be lower if some of our users weren't on various IETF mail lists. Tim
Re: Why no IPv6-only day (Was: Protocol-41 is not the only tunneling protocol)
Cisco just published a report saying that bandwidth will increase 400% by 2015, http://isoc-ny.org/p2/?p=2182 That does mean doubling every two years as far as it goes.. j On Mon, Jun 6, 2011 at 7:45 PM, Jérôme Nicolle jer...@ceriz.fr wrote: 2011/6/6 Owen DeLong o...@delong.com: I think you'll be surprised over time. Given the tendency of the internet to nearly double in size every 2 years or so, it only takes 7 cycles (about 15 years) for the existing network to become a single-digit percentage of the future network. Owen -- --- Joly MacFie 218 565 9365 Skype:punkcast WWWhatsup NYC - http://wwwhatsup.com http://pinstand.com - http://punkcast.com VP (Admin) - ISOC-NY - http://isoc-ny.org -- -
RE: Why don't ISPs peer with everyone?
I agree, HE's peering policy makes them an attractive transit provider. However, money and strategy still come into play here. For example, ISP Z will think I need some peering and transit. But if I get HE transit then some people may not peer with me at X-exchange because they will already see my routes via their HE peering So then they get some transit from a network who is useless with their settlement free peering, then get the peers on the X-exchange and only when they are happily peered will they go to HE. -- Leigh Porter From: Owen DeLong [o...@delong.com] Sent: 07 June 2011 06:43 To: Alex Ryu Cc: nanog@nanog.org Subject: Re: Why don't ISPs peer with everyone? FWIW, Hurricane Electric has an aggressively open peering policy and we will peer with anyone who is willing to peer at any exchange where we are connected. We believe as stated by Rucas that this only serves to enhance the internet experience for our customers as well as our peers. So far, it seems to be working pretty well for us. I encourage others to follow our lead in this regard as it truly does make a more functional internet. Owen On Jun 6, 2011, at 3:24 PM, Alex Ryu wrote: Nope. It is because who pay the money, and somebody wants to earn the money because they have more control. So it is because of money. Welcome to the world of capitalism. Alex On Mon, Jun 6, 2011 at 5:19 PM, rucasbr...@hushmail.com wrote: Hello, I wouldn't consider myself a network engineer, nor do I have any formal training, but why don't ISPs peer with every other ISP? It would only save EVERYONE money if they did this, no? Only issue I see is with possibly hijacked / malicious AS owners, but that's not very common to do without being caught. All the whole don't peer with this guy only makes your customers have worse latencies and paths to other people, making the Internet less healthy. Thanks, Rucas PS: sorry if I sent this twice; client lagged a bit. __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __
Re: automated router config back up
On 7 June 2011 10:33, Jon Heise j...@smugmug.com wrote: Aside from rancid, what methods do people have for doing automated backups and diffing of router configs ? http://code.google.com/p/notch/ and it's assortment of tools is something I've been meaning to look into. -- Shaineel Singh e: shain.si...@gmail.com p: +61 422 921 951 w: http://buffet.shainsingh.com -- Too many have dispensed with generosity to practice charity - Albert Camus
Re: v6 proof of life
Le 07/06/2011 01:56, Paul Vixie a écrit : 44 2001:db8::230:48ff:fef2:f340 44 2001:db8::230:48ff:fef0:1de How can 2001:db8::/32 reach your machines ? Denis
Re: automated router config back up - summary
Ok, so based on what's been written here, here is the list of tools mentioned so far RANCID - http://www.shrubbery.net/rancid/ Inventory (formerly ZipTie) - http://inventory.alterpoint.com/ NocProject - http://redmine.nocproject.org/projects/noc/wiki Notch - http://code.google.com/p/notch/ Cisco-Conf-Repository http://cisco-conf-rep.sourceforge.net/ I've also heard of Gerty, though as far as I understand, it's still a work in progress: https://github.com/ssinyagin/gerty And another solution is Netdot - http://netdot.uoregon.edu/ which will do inventory management (at least on Cisco), though it will rely on Rancid to fetch the configurations. ... I'll try and find the time to write a short summary of features for each (conf. backup, conf management/provisioning, inventory management) and post here. Cheers, Phil
Re: Why don't ISPs peer with everyone?
in this context, anyone who is a BGP speaker is an ISP. /bill On Tue, Jun 07, 2011 at 07:34:25AM +0300, Hank Nussbacher wrote: On Mon, 6 Jun 2011, rucasbr...@hushmail.com wrote: Please define ISP. -Hank Hello, I wouldn't consider myself a network engineer, nor do I have any formal training, but why don't ISPs peer with every other ISP? It would only save EVERYONE money if they did this, no? Only issue I see is with possibly hijacked / malicious AS owners, but that's not very common to do without being caught. All the whole don't peer with this guy only makes your customers have worse latencies and paths to other people, making the Internet less healthy. Thanks, Rucas PS: sorry if I sent this twice; client lagged a bit.
Re: Cogent?
As in sales? Isn't that all they have? On 6/7/11, Ryan Finnesey ryan.finne...@harrierinvestments.com wrote: Does cogent have a true carrier/wholesale team? Cheers Ryan Sent from my Windows Phone -- Sent from my mobile device
RE: Cogent?
As in sales? Isn't that all they have? He probably means who understands the business. Erik
Re: v6 proof of life
Sometimes more than 25% of the traffic in our webserver is v6 http://lacnic.net/v6stat/hour_access_log_counter.png http://lacnic.net/v6stat/hour_access_log_counter.txt Haven't time to check the details about URLs, countries, user-agents but I am working on it. Regards, .as On 7 Jun 2011, at 08:47, George Bonser wrote: There was some additional research done by Geoff Houston indicating that if you exposed tunnel capable hosts (that were able to reach IPv6 literals) you had something closer to 20% IPv6 connectivity. I'm already excited about traffic levels and patterns in less than 24 hours. Will be interesting to observe. - Jared See if you can reach this even if you don't have native IPv6... http://[2001:418:3f4::5]/ I am seeing about 33% of our DNS traffic from one server over v6 but admittedly a lot of this is to the root servers that return A records for various domains. But the number of domains with v6 capable DNS servers is rising.
Re: Why no IPv6-only day (Was: Protocol-41 is not the only tunneling protocol)
Things like happy-eyeballs diminish it even with perfect IPv6 connectivity. 100ms rtt doesn't cover the world and to make multi-homed servers (includes dual stack) work well clients will make additional connections. Is happy eyeballs actually running code ANYWHERE? Owen
Re: Microsoft's participation in World IPv6 day
Two thing about this one after have read the manual of this product. This is probably for the american market. I'm in europe. Second, nowhere in their manual is the word ipv6 or v6 found. Have a ZyXEL VSG1432 right behind me where the IPv6 works pretty good (http://www.getipv6.info/index.php/Broadband_CPE#DSL). All the DSL modem vendors could stand improving their GUI. Frank -Original Message- From: fredrik danerklint [mailto:fredan-na...@fredan.se] Sent: Friday, June 03, 2011 7:27 AM To: nanog@nanog.org Subject: Re: Microsoft's participation in World IPv6 day The problem is not all on Microsoft at this case. For example; I've bought a ZyXEL P-2612HNU-F1(which has 802.11n Wireless ADSL 2+ 4-port gateway 2 SIP 2 USB 3G Backup) in december 2010. It basiclly has everything in it. How do I as a customer do to have a working IPv6 setup on this modem since ZyXEL, basicilly, has decide that it will not support IPv6 at all? I mean, you can not say it does not have the the cpu power for handling IPv6 when it can also act as a fileserver and a printserver for example. What they (ZyXEL) are saying to me (for not haveing IPv6 at this moment) is that they don't have the skills to implement IPv6 in their current products. Think about all the CPE that will not be upgraded, since those that makes them don't care at all, even tough it probably has the cpu power to handle IPv6. And I haven't even started at the network equiment that exists between me as a ISP and my customer (this equiment is out of my control), that can't handle IPv6 even if my customer got an working CPE with IPv6. How fun is that? http://support.microsoft.com/kb/2533454/ Uh... -Bill -- //fredan
Re: Why no IPv6-only day (Was: Protocol-41 is not the only tunneling protocol)
Thus spake Owen DeLong (o...@delong.com) on Tue, Jun 07, 2011 at 05:37:00AM -0700: Things like happy-eyeballs diminish it even with perfect IPv6 connectivity. 100ms rtt doesn't cover the world and to make multi-homed servers (includes dual stack) work well clients will make additional connections. Is happy eyeballs actually running code ANYWHERE? Very similar, but with a static 300ms timer: http://code.google.com/p/chromium/issues/detail?id=81686 Dale
Re: v6 proof of life
On 06/07/2011 03:13 AM, Denis F. wrote: Le 07/06/2011 01:56, Paul Vixie a écrit : 44 2001:db8::230:48ff:fef2:f340 44 2001:db8::230:48ff:fef0:1de How can 2001:db8::/32 reach your machines ? Lack of ingress filtering on Mr. Vixie's part, and lack of egress filtering on whoever-owns-those-Supermicro-board's part. That's not to say there's a route back, by any means. Jima
skype
http://heartbeat.skype.com/ skype has been microsofted already. small number of users my ass. probably 7/8 of the users i would see at this time are not on. randy
Re: Why don't ISPs peer with everyone?
On Tue, 7 Jun 2011 bmann...@vacation.karoshi.com wrote: in this context, anyone who is a BGP speaker is an ISP. Peering costs money. The transit bandwidth saved by peering with another network may not be sufficient to cover the cost of installing and maintaining whatever connections are necessary to peer. Then there's the big networks who really don't want to peer with anyone other than similarly sized big networks...everyone else should be their transit customer. I manage a network that's primarily a hosting network. There's a similar hosting network at the other end of the building. We both have multiple gigs of transit. We don't peer with each other. Perhaps we should, because the cost of the connection would be negligible (I think we already have multiple fiber pairs between our suites), but looking at my sampled netflow data, I'm guessing we average about 100kbit/s or less traffic in each direction between us. At that low a level, is it even worth the time and trouble to coordinate setting up a peering connection, much less tying up a gigE port at each end? Anyone from hostdime reading this? :) If so, what are your thoughts? -- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: skype
+1, My number is not working at all even the call not switching to voice mail. Regards, Aftab A. Siddiqui On Tue, Jun 7, 2011 at 6:40 PM, Randy Bush ra...@psg.com wrote: http://heartbeat.skype.com/ skype has been microsofted already. small number of users my ass. probably 7/8 of the users i would see at this time are not on. randy
Cox outage in Alexandria, Va.
One of my employees is reporting that Cox told her a backhoe cut a main line somewhere in the Alexandria, Virginia area earlier this morning. More than likely a fiber cut I'd imagine. Apparently it's affecting about 50,000 residential customers and has been down since 5 a.m. Anyone have more info? --- Andy Ringsmuth (402) 304-0083 andyr...@inebraska.com
RE: Why don't ISPs peer with everyone?
-Original Message- From: Jon Lewis [mailto:jle...@lewis.org] Sent: Tuesday, June 07, 2011 10:00 AM -snip- I manage a network that's primarily a hosting network. There's a similar hosting network at the other end of the building. We both have multiple gigs of transit. We don't peer with each other. Perhaps we should, because the cost of the connection would be negligible (I think we already have multiple fiber pairs between our suites), but looking at my sampled netflow data, I'm guessing we average about 100kbit/s or less traffic in each direction between us. At that low a level, is it even worth the time and trouble to coordinate setting up a peering connection, much less tying up a gigE port at each end? - 100kbit/s at 1ms is better than 100kbit/s at 1ms. We are hosting as well and some of our top 25 ASNs are other hosting networks, YMMV. -Drew
Re: skype
Is not working for me since early today, first the connection went down and later the application crashed ... I refuse to switch to MSN. I'm afraid that soon my monitor will explode if microsoft acquisition of NVIDIA goes through. BTW, after yesterday announcements at WWDC I wonder if there are some flying chairs at Redmond, Mr. Bald-mer is probably freaking out Cheers -J
Re: skype
On Jun 7, 2011, at 9:40 AM, Randy Bush wrote: http://heartbeat.skype.com/ skype has been microsofted already. small number of users my ass. probably 7/8 of the users i would see at this time are not on. On this topic, it has also been penetrated, by the Egyptian “Electronic Penetration Department, no less : http://www.mideastnewswire.com/skype-rebellion-hightech-listening Regards Marshall randy
Re: Why no IPv6-only day (Was: Protocol-41 is not the only tunneling protocol)
In message 8a6a00c3-bd6d-4fb4-ae82-73816dfd9...@delong.com, Owen DeLong write s: Things like happy-eyeballs diminish it even with perfect IPv6 connectivity. 100ms rtt doesn't cover the world and to make multi-homed servers (includes dual stack) work well clients will make additional connections. Is happy eyeballs actually running code ANYWHERE? Owen Chrome does something close using 300ms. There is code out there that does it and there really should be lots more of it as it mitigates lots of problems. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
RE: skype
I love how this story was published AFTER MSFT purchased them ;-) -- Leigh Porter -Original Message- From: Marshall Eubanks [mailto:t...@americafree.tv] Sent: 07 June 2011 15:28 To: Randy Bush Cc: NANOG Operators' Group Subject: Re: skype On Jun 7, 2011, at 9:40 AM, Randy Bush wrote: http://heartbeat.skype.com/ skype has been microsofted already. small number of users my ass. probably 7/8 of the users i would see at this time are not on. On this topic, it has also been penetrated, by the Egyptian Electronic Penetration Department, no less : http://www.mideastnewswire.com/skype-rebellion-hightech-listening Regards Marshall randy __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __ __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __
Re: Cox outage in Alexandria, Va.
On Jun 7, 2011, at 10:13 AM, Andy Ringsmuth wrote: One of my employees is reporting that Cox told her a backhoe cut a main line somewhere in the Alexandria, Virginia area earlier this morning. More than likely a fiber cut I'd imagine. Apparently it's affecting about 50,000 residential customers and has been down since 5 a.m. Anyone have more info? --- Andy Ringsmuth (402) 304-0083 andyr...@inebraska.com Absolutely no problems on my home circuit in Clifton, Virginia (20124, 25 miles due West of Alexandria). Last time I checked I was connected to Head End 8. Regards Marshall
Re: UN declares Internet access a human right
Consider two alternatives : - Finance guns, soldier training, refugee camps, humanitarian ground help and political meetings and treaties to make a revolution happens in a (more or less controled) bloodshed OR - Take a strong position to preserve freedom of speech and wider use of the Internet as a mean to let the people self-organize in a political process, thus avoiding violent revolutions What do you think is best ? None of the above. If you don't walk the talk, all the talk is useless and only for the self benefit of the talking heads. -J
RE: skype
I love how this story was published AFTER MSFT purchased them ;-) http://plug2play.blogspot.com/2010/12/skypes-biggest-secret-revealed.html reverse engineering hack was reported back in mid December. On Jun 7, 2011, at 9:40 AM, Randy Bush wrote: http://heartbeat.skype.com/ skype has been microsofted already. small number of users my ass. probably 7/8 of the users i would see at this time are not on. On this topic, it has also been penetrated, by the Egyptian Electronic Penetration Department, no less : http://www.mideastnewswire.com/skype-rebellion-hightech-listening -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: Why no IPv6-only day (Was: Protocol-41 is not the only tunneling protocol)
On 07/06/11 15:28, Mark Andrews wrote: In message8a6a00c3-bd6d-4fb4-ae82-73816dfd9...@delong.com, Owen DeLong write s: Things like happy-eyeballs diminish it even with perfect IPv6 connectivity. 100ms rtt doesn't cover the world and to make multi-homed servers (includes dual stack) work well clients will make additional connections. Is happy eyeballs actually running code ANYWHERE? Owen Chrome does something close using 300ms. There is code out there that does it and there really should be lots more of it as it mitigates lots of problems. There's also a bug currently open for the equivalent functionality in Firefox: https://bugzilla.mozilla.org/show_bug.cgi?id=621558 -- Neil
Re: Why don't ISPs peer with everyone?
I'd like to foster a discussion here to better understand this, not rile anyone up. That said, what I see so far is a representation of those who do not recall the halcyon days before a rabid profit motive was the driving force behind ISPs. Peering in it's original sense is/was free. It was a swap of traffic. That profit motive has created the phrase settlement free peering to refer to the original definition so it seems like the free swap of traffic is the aberration. The big ISPs used to seek to balance content hosting and the customer load to avoid having to pay for any sort of transit. AOL was known to acquire companies which had huge downstream traffic for this purpose. Now we see ISPs waging an economic war with content providers wanting to find a way to charge, say, Google for allowing them to to pass their YouTube content along to the ISP's subscribers. This is the result of letting non-technical, profit-driven managers run the show and not the usually eager to cooperate network engineers who actually understand how this stuff works. The problem here is that the closer you are to the end user, the harder you're getting screwed, and not in a good way. The very large ISPs are doing real peering, and charging smaller, end-user focused ISPs high transit rates so that they can't possibly compete on price with the inferior, customer-service-impaired ISP end-user offerings. The US government has declined to enforce any sort of rule which might require the huge ISPs to grant wholesale-type access to their physical networks (for better or worse depending on your POV) or examine any of this cartel-type behavior under the light of monopoly rules. So please, short of socialism, and in light of the rampant legislation-for-sale culture in our government (how many FCC commissioners get jobs with huge ISPs?) how do we fix this? Please note: I'm not advocating socialism. I might advocate regulation a la public utilities. There is universal agreement that the internet is critical infrastructure. deregulating other utilities hasn't been uniformly successful, especially when measured from the consumers' point of view. Thoughts? Rob Sent from my iPad, so I can't have a fun sig. On Jun 7, 2011, at 10:00 AM, Jon Lewis jle...@lewis.org wrote: On Tue, 7 Jun 2011 bmann...@vacation.karoshi.com wrote: in this context, anyone who is a BGP speaker is an ISP. Peering costs money. The transit bandwidth saved by peering with another network may not be sufficient to cover the cost of installing and maintaining whatever connections are necessary to peer. Then there's the big networks who really don't want to peer with anyone other than similarly sized big networks...everyone else should be their transit customer. I manage a network that's primarily a hosting network. There's a similar hosting network at the other end of the building. We both have multiple gigs of transit. We don't peer with each other. Perhaps we should, because the cost of the connection would be negligible (I think we already have multiple fiber pairs between our suites), but looking at my sampled netflow data, I'm guessing we average about 100kbit/s or less traffic in each direction between us. At that low a level, is it even worth the time and trouble to coordinate setting up a peering connection, much less tying up a gigE port at each end? Anyone from hostdime reading this? :) If so, what are your thoughts? -- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
RE: skype
From: Raymond Burkholder [mailto:r...@oneunified.net] I love how this story was published AFTER MSFT purchased them ;-) http://plug2play.blogspot.com/2010/12/skypes-biggest-secret- revealed.html reverse engineering hack was reported back in mid December. Indeed, but reverse engineered and Egyptian government snooping Skype calls are quite different. Whilst some people may have rather foolishly relied on Skype for privacy, this is now not going to happen. I doubt it'll make a big dent on the user base though. -- Leigh Porter __ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email __
Re: Why don't ISPs peer with everyone?
- Original Message - From: Owen DeLong o...@delong.com So far, it seems to be working pretty well for us. I encourage others to follow our lead in this regard as it truly does make a more functional internet. I concur, and I specifically would like to see a lot more *geographically* local peering, so packets from Roar Runner[1] Tampa Bay to FiOS Tampa Bay don't have to clog up an exchang point in Reston or Dallas; this stuff *will* eventually bite us in another Katrina-scale event. Cheers, -- jra [1]Roar Runner was a typo, but given most of what the Internet is used for these days[2], it's so funny I'm going to leave it in. [2]Recreational Indignation. -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Re: Why don't ISPs peer with everyone?
On Jun 7, 2011, at 11:42 AM, Jay Ashworth wrote: I concur, and I specifically would like to see a lot more *geographically* local peering, so packets from Roar Runner[1] Tampa Bay to FiOS Tampa Bay don't have to clog up an exchang point in Reston or Dallas; this stuff *will* eventually bite us in another Katrina-scale event. What I've found interesting is the cost of circuits seem to not be distance-sensitive. I think this will contribute to mega-regional peering for the foreseeable future. (ie: dc, sj, dfw, chi, nyc, etc…) Unless these costs come closer to reflecting a balance then I suspect we will continue to see this regional networking. I had a hard time getting people to interconnect even in the CLEC COLO spaces. very few people had bgp capable devices in those locations, while they were big and had traffic, the gear for running bgp just wasn't there. - Jared
RE: Why don't ISPs peer with everyone?
Content providers (e.g. Netflix, Hulu, YouTube) will always try to get their content serviced for little to no cost. The low cost, web-only plan isn't sustainable, and the amount of Netflix traffic around the globe is a good example; There's a lot of traffic that they aren't paying for. The free market only works if entities self-police. But as has been expertly stated, there's no money in that. I had an idea, I'm sure it's been said before: If we actually had solid Tier 1 vs Tier 2 vs Tier 3 thresholds, and we could come up with an agreeable metric, we might be able to minimize the impact of bandwidth hogs (sorry Netflix, pointing at you). So, if you are a Tier 1, you are required to have at least 10 piers in 10 locations, 5 of which must be Tier 1 providers. If you are Tier 2, that number is halved. It could be a combination of having the status of being a Tier 1 provider, but the major benefit is a reduction of the diameter of the Internet. Even done by continent, this could offer enough parallel paths to help address (potentially) the cost of doing business. I think we would need to have something similar for content providers. To reach Tier 1 status, you are required to have 10 piers in 10 locations, which should cover a set multiple of your total bandwidth (1 TB if it is 500 GB, etc) For reaching different tiers, they could receive a price break on the cost of Internet circuits. There would also need to be a middle ground somewhere. Circuits would either need to stop being unlimited or have service thresholds. For exceeding, the content provider would be liable to pay X amount per Gigabit of bandwidth. This would then force Content providers to scale their business rather than relying on the upstream providers' upstream provider to do so. Not perfect by a great margin, but I think something like that could help. Sincerely, Brian A . Rettke -Original Message- From: Robert F Maxwell [mailto:rmaxw...@umd.edu] Sent: Tuesday, June 07, 2011 7:45 AM To: Jon Lewis Cc: bmann...@vacation.karoshi.com; nanog@nanog.org Subject: Re: Why don't ISPs peer with everyone? I'd like to foster a discussion here to better understand this, not rile anyone up. That said, what I see so far is a representation of those who do not recall the halcyon days before a rabid profit motive was the driving force behind ISPs. Peering in it's original sense is/was free. It was a swap of traffic. That profit motive has created the phrase settlement free peering to refer to the original definition so it seems like the free swap of traffic is the aberration. The big ISPs used to seek to balance content hosting and the customer load to avoid having to pay for any sort of transit. AOL was known to acquire companies which had huge downstream traffic for this purpose. Now we see ISPs waging an economic war with content providers wanting to find a way to charge, say, Google for allowing them to to pass their YouTube content along to the ISP's subscribers. This is the result of letting non-technical, profit-driven managers run the show and not the usually eager to cooperate network engineers who actually understand how this stuff works. The problem here is that the closer you are to the end user, the harder you're getting screwed, and not in a good way. The very large ISPs are doing real peering, and charging smaller, end-user focused ISPs high transit rates so that they can't possibly compete on price with the inferior, customer-service-impaired ISP end-user offerings. The US government has declined to enforce any sort of rule which might require the huge ISPs to grant wholesale-type access to their physical networks (for better or worse depending on your POV) or examine any of this cartel-type behavior under the light of monopoly rules. So please, short of socialism, and in light of the rampant legislation-for-sale culture in our government (how many FCC commissioners get jobs with huge ISPs?) how do we fix this? Please note: I'm not advocating socialism. I might advocate regulation a la public utilities. There is universal agreement that the internet is critical infrastructure. deregulating other utilities hasn't been uniformly successful, especially when measured from the consumers' point of view. Thoughts? Rob Sent from my iPad, so I can't have a fun sig. On Jun 7, 2011, at 10:00 AM, Jon Lewis jle...@lewis.org wrote: On Tue, 7 Jun 2011 bmann...@vacation.karoshi.com wrote: in this context, anyone who is a BGP speaker is an ISP. Peering costs money. The transit bandwidth saved by peering with another network may not be sufficient to cover the cost of installing and maintaining whatever connections are necessary to peer. Then there's the big networks who really don't want to peer with anyone other than similarly sized big networks...everyone else should be their transit customer. I manage a network that's primarily a hosting network. There's a similar
Re: Why don't ISPs peer with everyone?
On Tue, Jun 07, 2011 at 10:15:48AM -0400, Drew Weaver wrote: -Original Message- From: Jon Lewis [mailto:jle...@lewis.org] Sent: Tuesday, June 07, 2011 10:00 AM -snip- I manage a network that's primarily a hosting network. There's a similar hosting network at the other end of the building. We both have multiple gigs of transit. We don't peer with each other. Perhaps we should, because the cost of the connection would be negligible (I think we already have multiple fiber pairs between our suites), but looking at my sampled netflow data, I'm guessing we average about 100kbit/s or less traffic in each direction between us. At that low a level, is it even worth the time and trouble to coordinate setting up a peering connection, much less tying up a gigE port at each end? - 100kbit/s at 1ms is better than 100kbit/s at 1ms. True, but the point being made is: how *much* better? Is it enough better to justify the cost of installing and maintaining another peering link? - Matt -- Ah, the beauty of OSS. Hundreds of volunteers worldwide volunteering their time inventing and implementing new, exciting ways for software to suck. -- Toni Lassila, in the Monastery
Re: skype
Indeed, but reverse engineered and Egyptian government snooping Skype calls are quite different. Whilst some people may have rather foolishly relied on Skype for privacy, this is now not going to happen. I doubt it'll make a big dent on the user base though. Skype privacy ? hehe, the only way to have privacy is under Control's cone of silence. Carrier Detected-Connected-LinkUp-PrivacyGone -J
Re: IPv6 Availability on XO
I turned up ipv6 on a 10gig in the Boston market with XO today. They'll definitely do it, but it might take a bit of pushing on an account manager. I've also turned up ipv6 with Level(3), and have noted the same incompleteness of the routing table. It will be a shame if the majority of complaints on the 8th are related to reachability, and not truly representative of host stack and/or application issues. Regards, --phil On Jun 5, 2011, at 4:32 PM, Luke Marrott wrote: We have a 10GigE connection with XO in Utah and have gotten little to no response from XO on our IPv6 requests for months. We finally got our L3 IPv6, but they don't have a complete routing table. :Luke Marrott smime.p7s Description: S/MIME cryptographic signature
Re: v6 proof of life
Jima na...@jima.tk writes: 44 2001:db8::230:48ff:fef2:f340 44 2001:db8::230:48ff:fef0:1de How can 2001:db8::/32 reach your machines ? Lack of ingress filtering on Mr. Vixie's part, ... indeed. i had no idea. and lack of egress filtering on whoever-owns-those-Supermicro-board's part. That's not to say there's a route back, by any means. i'll bet i'm not alone in seeing traffic from this prefix. as a rootop i can tell you that we see plenty of queries from ipv4 rfc1918 as well. -- Paul Vixie KI6YSY
Re: Why don't ISPs peer with everyone?
On Wed, 8 Jun 2011, Matthew Palmer wrote: netflow data, I'm guessing we average about 100kbit/s or less traffic in each direction between us. At that low a level, is it even worth the time and trouble to coordinate setting up a peering connection, much less tying up a gigE port at each end? - 100kbit/s at 1ms is better than 100kbit/s at 1ms. True, but the point being made is: how *much* better? Is it enough better to justify the cost of installing and maintaining another peering link? Additionally, we share at least one common transit provider, so we'd be trading 1ms for 1-2ms. Obviously, if we were talking about a leased line with any MRC, the answer would be hell no. Since we're able to utilize fiber inside the building with no MRC, the answer is more of a why bother? It's not going to save either of us any meaningful amount of transit bandwidth $/capacity. -- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
RE: Cogent?
Correct -Original Message- From: Erik Bais [mailto:eb...@a2b-internet.com] Sent: Tuesday, June 07, 2011 6:46 AM To: 'Chris McDonald'; Ryan Finnesey; 'NANOG' Subject: RE: Cogent? As in sales? Isn't that all they have? He probably means who understands the business. Erik
RE: Cogent?
I have not been able to find a group within Cogent that sells services to other carriers. Been trying to get access to a lot of the fiber Cogent has running into buildings. Cheers Ryan -Original Message- From: Chris McDonald [mailto:copraph...@gmail.com] Sent: Tuesday, June 07, 2011 6:27 AM To: Ryan Finnesey; NANOG Subject: Re: Cogent? As in sales? Isn't that all they have? On 6/7/11, Ryan Finnesey ryan.finne...@harrierinvestments.com wrote: Does cogent have a true carrier/wholesale team? Cheers Ryan Sent from my Windows Phone -- Sent from my mobile device
Re: Why don't ISPs peer with everyone?
On Tue, Jun 07, 2011 at 11:52:31AM -0400, Jared Mauch wrote: What I've found interesting is the cost of circuits seem to not be distance-sensitive. I think this will contribute to mega-regional peering for the foreseeable future. (ie: dc, sj, dfw, chi, nyc, etcbble devices in those locations, while they were big and had traffic, the gear for running bgp just wasn't there. - Jared well - no BGP, != an ISP :) this sounds very much like the folks who wanted to put up a south asian IX in guam. lots and lots of fiber pairs landed there, but it was just repeaterd and pushed back into the water. No kit for peering there. (other problems w/ Guam left as an academic eercise) /bill
Re: Why don't ISPs peer with everyone?
On Tue, Jun 7, 2011 at 9:08 AM, Rettke, Brian brian.ret...@cableone.bizwrote: Content providers (e.g. Netflix, Hulu, YouTube) will always try to get their content serviced for little to no cost. The low cost, web-only plan isn't sustainable, and the amount of Netflix traffic around the globe is a good example; There's a lot of traffic that they aren't paying for. The free market only works if entities self-police. But as has been expertly stated, there's no money in that. I had an idea, I'm sure it's been said before: If we actually had solid Tier 1 vs Tier 2 vs Tier 3 thresholds, and we could come up with an agreeable metric, we might be able to minimize the impact of bandwidth hogs (sorry Netflix, pointing at you). First - I don't work for Netflix! I'm a consumer of their product and a network engineer who mostly gets stuff. So I'd like to offer a point of distinction that's kinda bugged me whenever these conversations pop up here: Netflix the company doesn't consume bandwidth nor are *they* a bandwidth hog. The consumer is the bandwidth hog. And the consumer pays their ISP for that bandwidth. ISP's over provision in the hopes that most folks won't use what they are paying for and to help keep costs down (very valid). Companies like Netflix and even Google (I don't know this for a fact - just making logical assumptions) are not going to rely on peering arrangements of ISPs to deliver 100% of their traffic. If they did they'd place their business model in the hands of network operators who don't have Netflix's best interests in mind. They are going to use caching like products or services to bring their content closer to the consumer, develop them to be bandwidth and latency aware, or even make peering arrangements on their own (to your point). These peering arrangements and products they purchase / pay for are most likely located within Tier 1 networks in the USA. So technically, if my assumptions are correct, Netflix probably is paying for their bandwidth that exits their network. And the consumer is paying for their bandwidth. Now - Netflix like content providers may cause some of the ISP's to rethink their over provisioning strategies, but that's not my problem. I'm paying for my bandwidth, therefore, I want to use it for what I want when I want. It's my ISP's job to deliver what I'm paying for. This is just my .02 and that tangent is over for now! To the original poster - I think it'd be technically impossible to have every ISP plugged into every ISP, physically ($$ issues aside). How many ISPs are there and how many routers / ports would you need? And I'm pretty sure that most Tier 1 ISP's peer with each other - but that's an assumption not made of fact. Maybe someday when there really are no bandwidth or latency limitations an overlay routing model could abstract the physical issues we all deal with and everyone can logically peer with everyone (although I'm not sure even that would make sense) but until then a hierarchical model (Tier 1 vs Tier2 etc..) seems to me to make the most sense. Anyway, the implementation of that hierarchical Internet is driven by $$ of course. Kenny
RE: Microsoft's participation in World IPv6 day
I'm in the US -- could very well be available only in the N.A. market. Manuals have not been updated -- it's running with pre-GA code. Frank -Original Message- From: fredrik danerklint [mailto:fredan-na...@fredan.se] Sent: Tuesday, June 07, 2011 7:45 AM To: nanog@nanog.org Cc: frnk...@iname.com Subject: Re: Microsoft's participation in World IPv6 day Two thing about this one after have read the manual of this product. This is probably for the american market. I'm in europe. Second, nowhere in their manual is the word ipv6 or v6 found. Have a ZyXEL VSG1432 right behind me where the IPv6 works pretty good (http://www.getipv6.info/index.php/Broadband_CPE#DSL). All the DSL modem vendors could stand improving their GUI. Frank -Original Message- From: fredrik danerklint [mailto:fredan-na...@fredan.se] Sent: Friday, June 03, 2011 7:27 AM To: nanog@nanog.org Subject: Re: Microsoft's participation in World IPv6 day The problem is not all on Microsoft at this case. For example; I've bought a ZyXEL P-2612HNU-F1(which has 802.11n Wireless ADSL 2+ 4-port gateway 2 SIP 2 USB 3G Backup) in december 2010. It basiclly has everything in it. How do I as a customer do to have a working IPv6 setup on this modem since ZyXEL, basicilly, has decide that it will not support IPv6 at all? I mean, you can not say it does not have the the cpu power for handling IPv6 when it can also act as a fileserver and a printserver for example. What they (ZyXEL) are saying to me (for not haveing IPv6 at this moment) is that they don't have the skills to implement IPv6 in their current products. Think about all the CPE that will not be upgraded, since those that makes them don't care at all, even tough it probably has the cpu power to handle IPv6. And I haven't even started at the network equiment that exists between me as a ISP and my customer (this equiment is out of my control), that can't handle IPv6 even if my customer got an working CPE with IPv6. How fun is that? http://support.microsoft.com/kb/2533454/ Uh... -Bill -- //fredan
ipv6 day DDoS threat?
I got an interesting contact from a large company that I will leave un-named for the moment. They said that they heard specific chatter about DDoS of IPv6 day participant sites and even more specifically about our website. Of course they have also offered to assist us in preventing this from affecting our site. I'm very skeptical about even calling said company at this point. I'm really feeling like this is a shakedown and was wondering if anyone else had been approached in a similar fashion? Mark Pace
Re: ipv6 day DDoS threat?
On Tue, 07 Jun 2011 13:42:40 -0500, Mark Pace p...@jolokianetworks.com wrote: I got an interesting contact from a large company that I will leave un-named for the moment. They said that they heard specific chatter about DDoS of IPv6 day participant sites and even more specifically about our website. Of course they have also offered to assist us in preventing this from affecting our site. I'm very skeptical about even calling said company at this point. I'm really feeling like this is a shakedown and was wondering if anyone else had been approached in a similar fashion? Mark Pace Just got the same phone call from A large company and it was a sales call. They are offering DDoS mitigation services I'll pass :) -=Tom Donnelly -- Using Opera's revolutionary email client: http://www.opera.com/mail/
Re: ipv6 day DDoS threat?
On 06/07/2011 01:42 PM, Mark Pace wrote: I got an interesting contact from a large company that I will leave un-named for the moment. It wasn't Radware, was it? http://www.networkworld.com/news/2011/060611-ipv6-security.html If not, it would seem that there's no shortage of IPv6 FUD this week. Jima
Re: ipv6 day DDoS threat?
In a message written on Tue, Jun 07, 2011 at 11:42:40AM -0700, Mark Pace wrote: I got an interesting contact from a large company that I will leave un-named for the moment. They said that they heard specific chatter about DDoS of IPv6 day participant sites and even more specifically about our website. Of course they have also offered to assist us in I thought the goal was to get everyone to try out IPv6. Doesn't that include the miscreants? :) -- Leo Bicknell - bickn...@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ pgpba7TreTsZc.pgp Description: PGP signature
Re: ipv6 day DDoS threat?
On Tue, 07 Jun 2011 14:01:59 -0500, Jima na...@jima.tk wrote: On 06/07/2011 01:42 PM, Mark Pace wrote: I got an interesting contact from a large company that I will leave un-named for the moment. It wasn't Radware, was it? http://www.networkworld.com/news/2011/060611-ipv6-security.html If not, it would seem that there's no shortage of IPv6 FUD this week. Jima I can confirm it was not Radware. -- Using Opera's revolutionary email client: http://www.opera.com/mail/
RE: ipv6 day DDoS threat?
We got the same call. I think they just trolled on through the IPv6Day participants list. They indicated that we were likely to be 'specifically targeted' as a result of 'putting ourselves out there'. I suspect it's merely a misprogrammed sales drone spewing fear-infused garbage. The caller claimed to represent Verisign (though we took no steps to verify that claim). If anyone from Verisign is on the list, you may want to look into this, especially if this is actually coming from one of your employees. Nathan -Original Message- From: Mark Pace [mailto:p...@jolokianetworks.com] Sent: Tuesday, June 07, 2011 11:43 AM To: nanog@nanog.org Subject: ipv6 day DDoS threat? I got an interesting contact from a large company that I will leave un-named for the moment. They said that they heard specific chatter about DDoS of IPv6 day participant sites and even more specifically about our website. Of course they have also offered to assist us in preventing this from affecting our site. I'm very skeptical about even calling said company at this point. I'm really feeling like this is a shakedown and was wondering if anyone else had been approached in a similar fashion? Mark Pace
RE: ipv6 day DDoS threat?
We too just received this phone call. The company was Verisign, felt an awful lot like a protection racket. Very unwelcomed phone call. Buyer Beware. ^1qaz2wsx^
RE: ipv6 day DDoS threat?
Hehe.. yeah, no thanks - I'll do it myself with our existing DDOS mitigation. ;) Paul -Original Message- From: Thomas Donnelly [mailto:tad1...@gmail.com] Sent: Tuesday, June 07, 2011 2:57 PM To: nanog@nanog.org Subject: Re: ipv6 day DDoS threat? On Tue, 07 Jun 2011 13:42:40 -0500, Mark Pace p...@jolokianetworks.com wrote: I got an interesting contact from a large company that I will leave un-named for the moment. They said that they heard specific chatter about DDoS of IPv6 day participant sites and even more specifically about our website. Of course they have also offered to assist us in preventing this from affecting our site. I'm very skeptical about even calling said company at this point. I'm really feeling like this is a shakedown and was wondering if anyone else had been approached in a similar fashion? Mark Pace Just got the same phone call from A large company and it was a sales call. They are offering DDoS mitigation services I'll pass :) -=Tom Donnelly -- Using Opera's revolutionary email client: http://www.opera.com/mail/
Re: ipv6 day DDoS threat?
On 7 Jun 2011, at 20:04, Leo Bicknell wrote: I thought the goal was to get everyone to try out IPv6. Doesn't that include the miscreants? :) Well, if I was evil I'd be looking for IPv6 back doors tomorrow... Tim
Re: ipv6 day DDoS threat?
I can confirm, it was indeed Verisign who emailed me with the same message. I am slightly disappointed by this course of action, needless to say I am not surprised, because this kind of behavior is expected from sales people. I had a bit more respect for them, however... -ck On Tue, Jun 7, 2011 at 12:04 PM, Nathan Eisenberg nat...@atlasnetworks.uswrote: We got the same call. I think they just trolled on through the IPv6Day participants list. They indicated that we were likely to be 'specifically targeted' as a result of 'putting ourselves out there'. I suspect it's merely a misprogrammed sales drone spewing fear-infused garbage. The caller claimed to represent Verisign (though we took no steps to verify that claim). If anyone from Verisign is on the list, you may want to look into this, especially if this is actually coming from one of your employees. Nathan -Original Message- From: Mark Pace [mailto:p...@jolokianetworks.com] Sent: Tuesday, June 07, 2011 11:43 AM To: nanog@nanog.org Subject: ipv6 day DDoS threat? I got an interesting contact from a large company that I will leave un-named for the moment. They said that they heard specific chatter about DDoS of IPv6 day participant sites and even more specifically about our website. Of course they have also offered to assist us in preventing this from affecting our site. I'm very skeptical about even calling said company at this point. I'm really feeling like this is a shakedown and was wondering if anyone else had been approached in a similar fashion? Mark Pace
Re: ipv6 day DDoS threat?
On Tue, 07 Jun 2011 20:18:11 BST, Tim Chown said: On 7 Jun 2011, at 20:04, Leo Bicknell wrote: I thought the goal was to get everyone to try out IPv6. Doesn't that include the miscreants? :) Well, if I was evil I'd be looking for IPv6 back doors tomorrow... No, that's when everybody will be looking closely for the smallest sign of wonkyness. What the *truly* evil will do is wait till Thursday for all the sites that forgot to turn IPv6 off. Or you got whacked last night and don't know it yet. ;) pgptfPvlU9LXl.pgp Description: PGP signature
Re: Why don't ISPs peer with everyone?
On Jun 6, 2011, at 12:53 PM, Justin M. Streiner wrote: On Mon, 6 Jun 2011, rucasbr...@hushmail.com wrote: All the whole don't peer with this guy only makes your customers have worse latencies and paths to other people, making the Internet less healthy. Not necessarily. Peering with an ISP who wants to take the traffic between your network and theirs through a saturated pipe, an overloaded router, or across an MPLS pipe with 13 underlying hops (each of which could be a choke point themselves) will not make your end-to-end latencies any better. As others have mentioned, some ISPs do have friendly peering policies. This is particularly true for ISPs that are co-located at the same IXP, because much of the opex is already baked into the ISP's relationship with the IXP. The reason most of the larger ISPs, particularly those who live in the DFZ, have peering policies (especially for settlement-free peering) that could be construed as less friendly to smaller networks is because those guys want to sell you transit, rather than let you peer for free, or for less than a the full transit rate. It doesn't make financial sense for them to exchange bits with you for free, when they can make money off of those same bits if you buy transit instead. carrying packets long distances cost more than carrying them short distances... large networks have an incentive to have the cost of that conveyance be reflected in peering relationship figuring out what if relationship makes sense in the marginal sense implies both parties see mutual benifit. jms
RE: Microsoft's participation in World IPv6 day
Bill Woodcock [mailto:wo...@pch.net] spake: http://support.microsoft.com/kb/2533454/ Uh... This does rather assume that users can access Google/Bing (both IPv6 day participants) to search for a solution to the problems they are experiencing, and then that they can actually access the KB article... j.
Re: automated router config back up - summary
There is also http://sourceforge.net/projects/dis -- The latest version in CVS is best. It's a project I wrote for use at a previous employer, which downloads tens of thousands of configs per night. It also facilitates easier development of device scripts and their parallel execution, deployment of OS upgrades to cisco gear (not difficult to extend to other devices), as well as automates interactive login. --phil On Jun 7, 2011, at 4:41 AM, Phil Regnauld wrote: Ok, so based on what's been written here, here is the list of tools mentioned so far smime.p7s Description: S/MIME cryptographic signature
RE: Microsoft's participation in World IPv6 day
We're very concerned about permanently configuring hosts into a non-standard state. That is one reason our World IPv6 Day fix is only a temporary modification of the Windows sorting order and isn't being pushed through Windows Update. Permanently disabling IPv6 as a solution to the IPv6 brokenness issue is NOT recommended. Turning a transitory problem (hosts on broken networks) into a permanent problem (hosts that don't use IPv6 correctly) - risks creating a serious long-term headache. christopher.pal...@microsoft.com Program Manager IPv6 @ Windows -Original Message- From: Jima [mailto:na...@jima.tk] Sent: Thursday, June 02, 2011 4:21 PM To: nanog@nanog.org Subject: Re: Microsoft's participation in World IPv6 day On 2011-06-02 17:26, Bill Woodcock wrote: http://support.microsoft.com/kb/2533454/ Uh... While I'm far from a Microsoft apologist (not really even a fan, TBH), it's worth pointing out that they're not pushing this out via Windows Update or anything. It's intended only as a remedy for the (as they themselves claim) 0.1% of users who may encounter issues next Wednesday: http://blogs.technet.com/b/ipv6/archive/2011/02/11/ipv6-day.aspx Fun as it might be to take it out of context, at least they're not telling people to disable IPv6 entirely (like some organizations still are). Jima
Spare part handling in the LA area
Hi Nanog We are an ISP/ASP in New Zealand, but we have a presence in Equinix LA1. We are looking for a services company that can store spare router/mux parts in the LA area, and who can deliver with a good SLA to the Equinix LA1 site. We will eventually be looking for the same type of service in the San Jose area, so a company that has a wide presence would be preferred. Please contact me off list if you have suggestions/recommendations Happy ipv6 day! J Regards Simon Allard Head of Networks Orcon
IPv6 day fun is beginning!
www.juniper.net is on IPv6 www.facebook.com has but doesn't load for me over IPv6, it does for others though www.level3.com works fine over v4 but shows a 404 over IPv6 www.simobil.si is temporarily unavailable over IPv6 but works fine over IPv4
Re: IPv6 day fun is beginning!
On Jun 7, 2011, at 7:13 PM, Iljitsch van Beijnum wrote: www.facebook.com has but doesn't load for me over IPv6, it does for others though If you go to www.v6.facebook.com it works, but it seems they have some problem on their main site. I am seeing some issues reaching them over IPv6. - Jared
Re: Why don't ISPs peer with everyone?
On 6/7/2011 11:38 AM, Jon Lewis wrote: Additionally, we share at least one common transit provider, so we'd be trading 1ms for 1-2ms. Obviously, if we were talking about a leased line with any MRC, the answer would be hell no. Since we're able to utilize fiber inside the building with no MRC, the answer is more of a why bother? It's not going to save either of us any meaningful amount of transit bandwidth $/capacity. That's what it really boils down to. How much money can be saved versus performance. If I'm doing a lot of throughput to a specific network, it makes sense that I might want to connect to them, especially if that connection either 1) saves me money or 2) gives me superior QOS/load balancing without a cost increase. Anything less than 200mbit of traffic isn't even worth me considering these days, and as I grow, I'm sure that number will increase. Content providers generally won't peer unless you meet certain traffic requirements for the same reason. Jack
Re: IPv6 day fun is beginning!
On 6/7/2011 6:15 PM, Jared Mauch wrote: On Jun 7, 2011, at 7:13 PM, Iljitsch van Beijnum wrote: www.facebook.com has but doesn't load for me over IPv6, it does for others though If you go to www.v6.facebook.com it works, but it seems they have some problem on their main site. I am seeing some issues reaching them over IPv6. - Jared At this second, I don't see the , though they may only be providing it to v6 dns servers? Jack
RE: IPv6 day fun is beginning!
No issues connecting to FB for me on IPv6 (both to www.v6.facebook.com and to the returned by www.facebook.com now). Interesting (perhaps) side note - www.facebook.com has a , but facebook.com does not. Google / Youtube records are up and running nicely also. J. -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Tuesday, June 07, 2011 7:15 PM To: Iljitsch van Beijnum Cc: NANOG list Subject: Re: IPv6 day fun is beginning! On Jun 7, 2011, at 7:13 PM, Iljitsch van Beijnum wrote: www.facebook.com has but doesn't load for me over IPv6, it does for others though If you go to www.v6.facebook.com it works, but it seems they have some problem on their main site. I am seeing some issues reaching them over IPv6. - Jared
Re: IPv6 day fun is beginning!
On Jun 7, 2011, at 7:19 PM, Jack Bates wrote: On 6/7/2011 6:15 PM, Jared Mauch wrote: On Jun 7, 2011, at 7:13 PM, Iljitsch van Beijnum wrote: www.facebook.com has but doesn't load for me over IPv6, it does for others though If you go to www.v6.facebook.com it works, but it seems they have some problem on their main site. I am seeing some issues reaching them over IPv6. - Jared At this second, I don't see the , though they may only be providing it to v6 dns servers? They were serving up 2620:0:1cff:ff01::23 from my universe, but it was not accepting tcp/80 requests. They also may have pulled the trigger a bit earlier than expected.. This may explain the problem if people confused 2300 with due to daylight savings time or something else. - Jared
Re: IPv6 day fun is beginning!
- Original Message - From: John Herbert john.herb...@usc-bt.com No issues connecting to FB for me on IPv6 (both to www.v6.facebook.com and to the returned by www.facebook.com now). Interesting (perhaps) side note - www.facebook.com has a , but facebook.com does not. And thefacebook.com? :-) Cheers, -- jr 'Yes; that's operational. How many obscure aliases do *you* have?' a -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Re: Why don't ISPs peer with everyone?
2011/6/8 Jack Bates jba...@brightok.net: That's what it really boils down to. How much money can be saved versus performance. If I'm doing a lot of throughput to a specific network, it makes sense that I might want to connect to them, especially if that connection either 1) saves me money or 2) gives me superior QOS/load balancing without a cost increase. Anything less than 200mbit of traffic isn't even worth me considering these days, and as I grow, I'm sure that number will increase. Content providers generally won't peer unless you meet certain traffic requirements for the same reason. That's certainly a valid approach for direct (private) peering, it's not applicable to IXPs offering route servers. -- Jérôme Nicolle
Re: Why don't ISPs peer with everyone?
On 6/7/2011 6:39 PM, Jérôme Nicolle wrote: That's certainly a valid approach for direct (private) peering, it's not applicable to IXPs offering route servers. In my case, I have to justify the long haul to an IXP as appropriate cost savings, and given that haul often costs more than I pay for transit, it still hasn't justified. Perhaps when I get to multiple 10GE traffic loads and justify leasing a 600 mile dark fiber ring to DFW. Jack
Re: IPv6 day fun is beginning!
yahoo is already serving up the as well. Thanks Igor! Looking forward to seeing the traffic spike today :) - Jared On Jun 7, 2011, at 7:13 PM, Iljitsch van Beijnum wrote: www.juniper.net is on IPv6 www.facebook.com has but doesn't load for me over IPv6, it does for others though www.level3.com works fine over v4 but shows a 404 over IPv6 www.simobil.si is temporarily unavailable over IPv6 but works fine over IPv4
Re: IPv6 day fun is beginning!
On 06/07/2011 07:22 PM, john.herb...@usc-bt.com wrote: No issues connecting to FB for me on IPv6 (both to www.v6.facebook.com and to the returned by www.facebook.com now). Interesting (perhaps) side note - www.facebook.com has a , but facebook.com does not. Google / Youtube records are up and running nicely also. J. -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Tuesday, June 07, 2011 7:15 PM To: Iljitsch van Beijnum Cc: NANOG list Subject: Re: IPv6 day fun is beginning! On Jun 7, 2011, at 7:13 PM, Iljitsch van Beijnum wrote: www.facebook.com has but doesn't load for me over IPv6, it does for others though If you go to www.v6.facebook.com it works, but it seems they have some problem on their main site. I am seeing some issues reaching them over IPv6. - Jared Here I don't see any v6 for either facebook.com or www.facebook.com (I run my own resolver from within comcast, and the resolver and my boxes are all v6 enabled and dual-stacked, have been for over a year). I did see a cute pair of puns in cisco's v6-day address: cisco.v6day.akadns.net has IPv6 address 2001:420:80:1:c:15c0:d06:f00d (check the last 32 bits, and the 32 before...) -- Pete
Re: IPv6 day fun is beginning!
On 06/07/2011 07:56 PM, Pete Carah wrote: On 06/07/2011 07:22 PM, john.herb...@usc-bt.com wrote: No issues connecting to FB for me on IPv6 (both to www.v6.facebook.com and to the returned by www.facebook.com now). Interesting (perhaps) side note - www.facebook.com has a , but facebook.com does not. Google / Youtube records are up and running nicely also. Here I don't see any v6 for either facebook.com or www.facebook.com (I run my own resolver from within comcast, and the resolver and my boxes are all v6 enabled and dual-stacked, have been for over a year). Google must be exercising very fine control over their dns; it turned v6 on at 19:58 exactly. Yahoo's is still not on as seen from here. www.facebook.com (but not facebook.com) just turned on here too (after google). another hex-speak spelling... -- Pete
Re: IPv6 day fun is beginning!
This is from Sweden. $ dig any www.facebook.com @ns1.facebook.com ; DiG 9.7.3 any www.facebook.com @ns1.facebook.com ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 61742 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.facebook.com. IN ANY ;; AUTHORITY SECTION: www.facebook.com. 86400 IN NS glb1.facebook.com. www.facebook.com. 86400 IN NS glb2.facebook.com. ;; ADDITIONAL SECTION: glb1.facebook.com. 3600IN A 69.171.239.10 glb2.facebook.com. 3600IN A 69.171.255.10 ;; Query time: 58 msec ;; SERVER: 204.74.66.132#53(204.74.66.132) ;; WHEN: Wed Jun 8 02:01:37 2011 ;; MSG SIZE rcvd: 104 No records at the moment. Checked alll their nameservers. -- //fredan
Re: IPv6 day fun is beginning!
I'll be watching this page probably. http://www.worldipv6day.org/participants/
Re: IPv6 day fun is beginning!
On 8 jun 2011, at 2:02, Pete Carah wrote: www.facebook.com (but not facebook.com) just turned on here too (after google). another hex-speak spelling... I'm using my iPhone as the IPv6-only canary. www.facebook.com now seems to work, but it redirects to m.facebook.com which doesn't have IPv6. This seems to be a trend, yahoo and cnn do the same thing. Annoying.
Re: Why don't ISPs peer with everyone?
On Mon, Jun 6, 2011 at 6:19 PM, rucasbr...@hushmail.com wrote: why don't ISPs peer with every other ISP? 1. For those who can pull it off, getting paid twice for each packet is better than getting paid once. 2. Your service has a value per byte and a cost per byte. If your value is less than your cost, you go out of business. Open peering facilitates greater consumption on the part of your customers. Unless you're structured to charge them more for that increased consumption, it reduces the value of each byte you pass. Unless you're peering with someone in the same or higher tier (who you'd otherwise have to pay for transit) the odds are you're reducing the value of your bytes faster than you're reducing your cost. Personally, I'd love to see 95th percentile billing applied universally with everybody getting a large pipe the same way everybody gets a 200 amp electrical service. The problem with that notion is that A) consumers are hooked on unlimited, and B) your toaster doesn't get hacked and start consuming 200 amps all day without your knowledge. Regards, Bill Herrin -- William D. Herrin her...@dirtside.com b...@herrin.us 3005 Crane Dr. .. Web: http://bill.herrin.us/ Falls Church, VA 22042-3004
Re: IPv6 day fun is beginning!
On 6/7/2011 17:04, fredrik danerklint wrote: This is from Sweden. $ dig any www.facebook.com @ns1.facebook.com ; DiG 9.7.3 any www.facebook.com @ns1.facebook.com ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 61742 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.facebook.com. IN ANY ;; AUTHORITY SECTION: www.facebook.com. 86400 IN NS glb1.facebook.com. www.facebook.com. 86400 IN NS glb2.facebook.com. ;; ADDITIONAL SECTION: glb1.facebook.com. 3600IN A 69.171.239.10 glb2.facebook.com. 3600IN A 69.171.255.10 ;; Query time: 58 msec ;; SERVER: 204.74.66.132#53(204.74.66.132) ;; WHEN: Wed Jun 8 02:01:37 2011 ;; MSG SIZE rcvd: 104 No records at the moment. Checked alll their nameservers. Same results here, western US. ~Seth
Re: IPv6 day fun is beginning!
I'm getting v6 for facebook now. -Randy -- | Randy Carpenter | Vice President - IT Services | Red Hat Certified Engineer | First Network Group, Inc. | (800)578-6381, Opt. 1 - Original Message - This is from Sweden. $ dig any www.facebook.com @ns1.facebook.com ; DiG 9.7.3 any www.facebook.com @ns1.facebook.com ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 61742 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.facebook.com. IN ANY ;; AUTHORITY SECTION: www.facebook.com. 86400 IN NS glb1.facebook.com. www.facebook.com. 86400 IN NS glb2.facebook.com. ;; ADDITIONAL SECTION: glb1.facebook.com. 3600IN A 69.171.239.10 glb2.facebook.com. 3600IN A 69.171.255.10 ;; Query time: 58 msec ;; SERVER: 204.74.66.132#53(204.74.66.132) ;; WHEN: Wed Jun 8 02:01:37 2011 ;; MSG SIZE rcvd: 104 No records at the moment. Checked alll their nameservers. -- //fredan
Re: IPv6 day fun is beginning!
On Jun 7, 2011, at 8:08 PM, Iljitsch van Beijnum wrote: On 8 jun 2011, at 2:02, Pete Carah wrote: www.facebook.com (but not facebook.com) just turned on here too (after google). another hex-speak spelling... I'm using my iPhone as the IPv6-only canary. www.facebook.com now seems to work, but it redirects to m.facebook.com which doesn't have IPv6. This seems to be a trend, yahoo and cnn do the same thing. Annoying. Props to google for doing it right, e.g.: maps.googleapis.com gg.google.com safebrowsing.clients.google.com Thank you google! - Jared
IPv6 day - Facebook announcements
In addition to themselves announcing this, NASA.gov and Markertek.com have announced there that they're participating with their websites; I'll reply to this posting if I see any others (and if anyone better positioned to report on their success posts, I'll pass it along). Cheers, -- jr 'yes; just to prove I know the difference' a -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Re: [v6z] Re: IPv6 day fun is beginning!
That's because you're asking the wrong nameservers. The response you're getting is pointing you to the correct nameservers (glb1/glb2.facebook.com) which are defintely returning records for me : $ dig +short www.facebook.com @glb1.facebook.com 2620:0:1c08:4000:face:b00c:0:3 Scott. On Tue, Jun 7, 2011 at 5:04 PM, fredrik danerklint fredan-na...@fredan.sewrote: This is from Sweden. $ dig any www.facebook.com @ns1.facebook.com ; DiG 9.7.3 any www.facebook.com @ns1.facebook.com ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 61742 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.facebook.com. IN ANY ;; AUTHORITY SECTION: www.facebook.com. 86400 IN NS glb1.facebook.com. www.facebook.com. 86400 IN NS glb2.facebook.com. ;; ADDITIONAL SECTION: glb1.facebook.com. 3600IN A 69.171.239.10 glb2.facebook.com. 3600IN A 69.171.255.10 ;; Query time: 58 msec ;; SERVER: 204.74.66.132#53(204.74.66.132) ;; WHEN: Wed Jun 8 02:01:37 2011 ;; MSG SIZE rcvd: 104 No records at the moment. Checked alll their nameservers. -- //fredan
Re: IPv6 day fun is beginning!
On 8 jun 2011, at 2:02, Pete Carah wrote: www.facebook.com (but not facebook.com) just turned on here too (after google). another hex-speak spelling... I'm using my iPhone as the IPv6-only canary. www.facebook.com now seems to work, but it redirects to m.facebook.com which doesn't have IPv6. This seems to be a trend, yahoo and cnn do the same thing. Annoying. My iphone picks up a v6 address from our wireless network but not from ATT as far as I can tell. google actually enabled a v6 address for at least part of their picture cdn along with the top page. I might try the iphone since it gets redirected to m.* a lot, though I'd presume (Cameron notwithstanding...) that very few of the participants are enabling their mobile infrastructure for v6 yet. OTOH, see: %host m.google.com m.google.com is an alias for mobile.l.google.com. mobile.l.google.com has address 72.14.204.193 mobile.l.google.com has IPv6 address 2001:4860:800f::c1 So far, looks like Google has done a good job. I don't know if they are doing any of their geolocation-based dns on the v6 stuff; my v6 address is from HE at ashburn... -- Pete
Re: IPv6 day fun is beginning!
On 06/07/2011 08:08 PM, Iljitsch van Beijnum wrote: I'm using my iPhone as the IPv6-only canary. www.facebook.com now seems to work, but it redirects to m.facebook.com which doesn't have IPv6. This seems to be a trend, yahoo and cnn do the same thing. Annoying. Indeed. Verizon LTE is v6 enabled but the user-agent on my phone denies me an IPv6 experience.
Re: IPv6 day fun is beginning!
On 6/7/2011 7:13 PM, Seth Mattinen wrote: On 6/7/2011 17:04, fredrik danerklint wrote: This is from Sweden. $ dig any www.facebook.com @ns1.facebook.com ; DiG 9.7.3 any www.facebook.com @ns1.facebook.com ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 61742 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.facebook.com. IN ANY ;; AUTHORITY SECTION: www.facebook.com. 86400 IN NS glb1.facebook.com. www.facebook.com. 86400 IN NS glb2.facebook.com. ;; ADDITIONAL SECTION: glb1.facebook.com. 3600IN A 69.171.239.10 glb2.facebook.com. 3600IN A 69.171.255.10 ;; Query time: 58 msec ;; SERVER: 204.74.66.132#53(204.74.66.132) ;; WHEN: Wed Jun 8 02:01:37 2011 ;; MSG SIZE rcvd: 104 No records at the moment. Checked alll their nameservers. Same results here, western US. This appears to be normal, but check the authoritative servers it gives. ;; AUTHORITY SECTION: www.facebook.com. 86400 IN NS glb1.facebook.com. www.facebook.com. 86400 IN NS glb2.facebook.com. They respond with with aa bit set.
Re: IPv6 day fun is beginning!
On Wed, 8 Jun 2011, Iljitsch van Beijnum wrote: www.juniper.net is on IPv6 www.facebook.com has but doesn't load for me over IPv6, it does for others though Working great for me. Getting to it via HE. www.level3.com works fine over v4 but shows a 404 over IPv6 Yes, I am seeing that too. Cute. michael
Re: IPv6 day fun is beginning!
On 06/08/2011 02:13 AM, Randy Carpenter wrote: I'm getting v6 for facebook now. www.facebook.com is v6 here, but I see no for the fbcdn.net subdomains. -- Rémy Sanchez signature.asc Description: OpenPGP digital signature
v6 transit swaps harmful
In case there are folks who missed this in the past few years, we will soon be past the point where IPv6 transit swaps and other incubation tools are acceptable to customers. How is it that Tiscali and Sprint can only get together via IIJ? Who is to blame? From my perspective, all three networks. I'll spare you the rest of my hand-waving and just paste the route: % host -t www.sprint.net www.sprint.net has IPv6 address 2600:: 2600::/29 AS path: 3257 2497 6175 1239 1239 1239 1239 1239 1239 1239 I % traceroute6 -q1 -f2 2600:: traceroute6 to 2600:: (2600::) from [redacted], 64 hops max, 12 byte packets Skipping 1 intermediate hops 2 xe-10-3-0.nyc20.ip6.tinet.net (2001:668:0:2::1:892) 10.896 ms 3 2001:504:1::a500:2497:1 (2001:504:1::a500:2497:1) 13.511 ms 4 sjc002bb01.iij.net (2001:48b0:bb00:8019::4008) 89.263 ms 5 sjc002ix02.iij.net (2001:48b0:bb03:f::4015) 87.075 ms 6 sl-bb1v6-sj-t-40.sprintv6.net (2001:440::ffcd::1) 92.491 ms 7 sl-crs2-sj-po0-1-4-0.v6.sprintlink.net (2600:0:2:1239:144:232:1:123) 89.333 ms 8 sl-crs1-sj-po0-9-5-0.v6.sprintlink.net (2600:0:2:1239:144:232:2:108) 95.966 ms 9 sl-crs2-ria-po0-3-5-0.v6.sprintlink.net (2600:0:2:1239:144:232:9:114) 97.788 ms 10 sl-crs2-fw-po0-13-2-0.v6.sprintlink.net (2600:0:2:1239:144:232:25:160) 173.331 ms 11 sl-crs1-fw-po0-12-0-0.v6.sprintlink.net (2600:0:2:1239:144:232:18:145) 165.577 ms 12 sl-crs3-fw-po0-7-0-0.v6.sprintlink.net (2600:0:2:1239:144:232:1:45) 167.203 ms 13 sl-crs3-atl-po0-2-0-0.v6.sprintlink.net (2600:0:2:1239:144:232:8:20) 169.195 ms 14 sl-crs1-atl-po0-11-0-0.v6.sprintlink.net (2600:0:2:1239:144:232:4:48) 170.922 ms 15 sl-crs1-ffx-po0-8-0-0.v6.sprintlink.net (2600:0:2:1239:144:232:18:119) 172.688 ms 16 sl-crs1-orl-po0-0-0-0.v6.sprintlink.net (2600:0:2:1239:144:232:19:251) 177.762 ms 17 sl-lkdstr2-p1-0.v6.sprintlink.net (2600:0:3:1239:144:223:33:32) 177.450 ms 18 www.sprint.net (2600::) 172.235 ms -- Jeff S Wheeler j...@inconcepts.biz Sr Network Operator / Innovative Network Concepts
Re: IPv6 day fun is beginning!
On Tue, Jun 7, 2011 at 20:14, Jared Mauch ja...@puck.nether.net wrote: Props to google for doing it right, e.g.: maps.googleapis.com gg.google.com safebrowsing.clients.google.com Thank you google! - Jared ... and Gmail, too ... /TJ
Re: [v6z] Re: IPv6 day fun is beginning!
Sorry about this. When asked for the right thing it does resolv! $ dig www.facebook.com ;; QUESTION SECTION: ;www.facebook.com. IN ;; ANSWER SECTION: www.facebook.com. 30 IN 2620:0:1c08:4000:face:b00c:0:3 That's because you're asking the wrong nameservers. The response you're getting is pointing you to the correct nameservers (glb1/glb2.facebook.com) which are defintely returning records for me : $ dig +short www.facebook.com @glb1.facebook.com 2620:0:1c08:4000:face:b00c:0:3 Scott. On Tue, Jun 7, 2011 at 5:04 PM, fredrik danerklint fredan-na...@fredan.sewrote: This is from Sweden. $ dig any www.facebook.com @ns1.facebook.com ; DiG 9.7.3 any www.facebook.com @ns1.facebook.com ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 61742 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.facebook.com. IN ANY ;; AUTHORITY SECTION: www.facebook.com. 86400 IN NS glb1.facebook.com. www.facebook.com. 86400 IN NS glb2.facebook.com. ;; ADDITIONAL SECTION: glb1.facebook.com. 3600IN A 69.171.239.10 glb2.facebook.com. 3600IN A 69.171.255.10 ;; Query time: 58 msec ;; SERVER: 204.74.66.132#53(204.74.66.132) ;; WHEN: Wed Jun 8 02:01:37 2011 ;; MSG SIZE rcvd: 104 No records at the moment. Checked alll their nameservers. -- //fredan -- //fredan
Re: [v6z] Re: IPv6 day fun is beginning!
On 6/7/2011 17:16, Scott Howard wrote: That's because you're asking the wrong nameservers. The response you're getting is pointing you to the correct nameservers (glb1/glb2.facebook.com) which are defintely returning records for me : $ dig +short www.facebook.com @glb1.facebook.com 2620:0:1c08:4000:face:b00c:0:3 Now I'm seeing it. Quite the short TTL: ; DiG 9.6-ESV-R4 www.facebook.com @glb2.facebook.com ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 34595 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.facebook.com. IN ;; ANSWER SECTION: www.facebook.com. 30 IN 2620:0:1c00:0:face:b00c:0:1 ;; Query time: 34 msec ;; SERVER: 69.171.255.10#53(69.171.255.10) ;; WHEN: Tue Jun 7 17:32:31 2011 ;; MSG SIZE rcvd: 62 Earlier I was getting no : ; DiG 9.6-ESV-R4 www.facebook.com @glb2.facebook.com ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 32876 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.facebook.com. IN ;; AUTHORITY SECTION: www.facebook.com. 500 IN SOA glb01.sf2p.tfbnw.net. hostmaster.facebook.com. 2008102433 10800 3600 604800 86400 ;; Query time: 29 msec ;; SERVER: 69.171.255.10#53(69.171.255.10) ;; WHEN: Tue Jun 7 16:27:29 2011 ;; MSG SIZE rcvd: 101
Re: IPv6 day fun is beginning!
- Original Message - From: Jared Mauch ja...@puck.nether.net Props to google for doing it right, e.g.: maps.googleapis.com gg.google.com safebrowsing.clients.google.com Thank you google! Funny you bring up getting all the subsidiary sties right. I tried to comment on an NPR story last night, to find that their AJAX comment popup points to *an HTTPS* server... whose cert expired at 1752 on 6/6. I pointed that out to both @nprtechteam and @acarvin around 10pET when I noticed it... and got no reply from either, which is slightly unusual for them. Worst part: Unscrollable box, so I *couldn't* just bypass it even if I'd wanted to. Oops, Mozilla... Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Re: IPv6 day fun is beginning!
- Original Message - From: Matt Ryanczak ryanc...@gmail.com Indeed. Verizon LTE is v6 enabled but the user-agent on my phone denies me an IPv6 experience. I thought I'd heard that LTE transport was *IPv6 only*... Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Re: Why don't ISPs peer with everyone?
On Tue, Jun 7, 2011 at 7:10 PM, William Herrin b...@herrin.us wrote: [snip] gets a 200 amp electrical service. The problem with that notion is that A) consumers are hooked on unlimited, and B) your toaster Consumers aren't getting unlimited right now. They're getting (unknown number of databytes)/month, before the ISP speed caps, throttles, rate limits them or turns them off for excessive usage. doesn't get hacked and start consuming 200 amps all day without your knowledge. Your toaster is plugged into an outlet that probably has a 20 amp circuit breaker on it. If someone hacks it without your knowledge to eat 200 amps, it will get turned off. A similar mechanism could be built into network CPEs. -- -JH
Re: IPv6 day fun is beginning!
That is expected, the CDN is not IPv6 enabled (yet) On 6/7/11 5:24 PM, Rémy Sanchez remy.sanc...@hyperthese.net wrote: On 06/08/2011 02:13 AM, Randy Carpenter wrote: I'm getting v6 for facebook now. www.facebook.com is v6 here, but I see no for the fbcdn.net subdomains. -- Rémy Sanchez
RE: IPv6 day fun is beginning!
Anyone with native v6 want to help me test my content? I don't have any v6 access from anything except a few dedicated servers yet. Off list response is fine :) -Original Message- From: TJ [mailto:trej...@gmail.com] Sent: Tuesday, June 07, 2011 6:32 PM To: NANOG Subject: Re: IPv6 day fun is beginning! On Tue, Jun 7, 2011 at 20:14, Jared Mauch ja...@puck.nether.net wrote: Props to google for doing it right, e.g.: maps.googleapis.com gg.google.com safebrowsing.clients.google.com Thank you google! - Jared ... and Gmail, too ... /TJ
Re: IPv6 day fun is beginning!
On 8 jun 2011, at 2:31, TJ wrote: ... and Gmail, too ... imap.gmail.com only has IPv4, though.
Broken Teredo relay AS1101?
This path for 2001::/32 leads to a broken teredo relay: 3257 1103 1101 http://ip6.me was using this path and not working from my client. When I routing to prefer 6939's relays it started working. - Kevin
Facebook's IPv6 Addresses - LOL
This is amusing: Tracing route to www.facebook.com [2620:0:1c00:0:*face:b00c*:0:2] over a maximum of 30 hops: 11 ms1 ms1 ms 2001:1938:2a7::1 288 ms95 ms88 ms gw-383.phx-01.us.sixxs.net[2001:1938:81:17e::1] 391 ms86 ms89 ms 2001:4de0:1000:a4::1 487 ms 128 ms92 ms 1-3.ipv6.r1.ph.hwng.net[2001:4de0:1000:27::2] 587 ms94 ms85 ms 2001:478:186::20 6 100 ms98 ms 100 ms 10gigabitethernet2-2.core1.lax1.he.net[2001:470:0:159::1] 7 117 ms 107 ms 116 ms 10gigabitethernet7-3.core1.fmt2.he.net[2001:470:0:18d::1] 8 112 ms 109 ms 114 ms 10gigabitethernet1-1.core1.sjc2.he.net[2001:470:0:31::2] 9 106 ms 108 ms 108 ms facebook.gige-g5-9.core1.sjc2.he.net[2001:470:0:14a::2] 10 105 ms 106 ms 107 ms ae0.bb01.sjc1.tfbnw.net [2620:0:1cff:* dead:beef*::9] 11 134 ms 132 ms 140 ms ae10.bb01.prn1.tfbnw.net[2620:0:1cff:dead:beef::119] 12 134 ms 133 ms 134 ms ae0.dr01.prn1.tfbnw.net[2620:0:1cff:dead:beef::19d] 13 132 ms 133 ms 133 ms po1023.csw01a.prn1.tfbnw.net[2620:0:1cff:dead:beef::381] ... In case the formatting get's lost, their initial address includes face:booc and one of the hops along the way is dead:beef. :-) David :-D
Re: IPv6 day fun is beginning!
On Tue, Jun 7, 2011 at 21:04, Iljitsch van Beijnum iljit...@muada.comwrote: On 8 jun 2011, at 2:31, TJ wrote: ... and Gmail, too ... imap.gmail.com only has IPv4, though. Good catch, applies to pop smtp as well. Baby steps, I guess? /TJ
Re: Microsoft's participation in World IPv6 day
On Sun, Jun 5, 2011 at 11:24 PM, Owen DeLong o...@delong.com wrote: Moving them to IPv6 and hoping that enough of the content providers move forward fast enough to minimize the extent of the LSN deployment required. The problem here is not content, it's access. Look at World IPv6 day. What percentage of web content is represented? Probably order of 10%. How about access? Our public stats still say 0.3%